diff options
author | Steve Beaver <sbeaver@netgate.com> | 2018-08-31 10:08:00 -0400 |
---|---|---|
committer | Steve Beaver <sbeaver@netgate.com> | 2018-08-31 10:08:48 -0400 |
commit | d08e82557346dda0d736921d868dddff9f898dc9 (patch) | |
tree | e2d201509131caf7eb206c73efcdcf660cbf39da | |
parent | 74e4543842c47efda37e3b078b8e5cc3f54ce9ba (diff) | |
download | pfsense-d08e82557346dda0d736921d868dddff9f898dc9.zip pfsense-d08e82557346dda0d736921d868dddff9f898dc9.tar.gz |
Make async_crypto explicit enabled/disabled rather than current isset
-rw-r--r-- | src/etc/inc/vpn.inc | 2 | ||||
-rw-r--r-- | src/usr/local/www/vpn_ipsec_settings.php | 15 |
2 files changed, 11 insertions, 6 deletions
diff --git a/src/etc/inc/vpn.inc b/src/etc/inc/vpn.inc index 0f679a1..7df4d19 100644 --- a/src/etc/inc/vpn.inc +++ b/src/etc/inc/vpn.inc @@ -136,7 +136,7 @@ function vpn_ipsec_configure($restart = false) { $ipseccfg = $config['ipsec']; /* Configure asynchronous crypto. See https://redmine.pfsense.org/issues/8772 */ - set_sysctl(array('net.inet.ipsec.async_crypto' => (int) isset($ipseccfg['async_crypto']))); + set_sysctl(array('net.inet.ipsec.async_crypto' => (int) ($ipseccfg['async_crypto'] == "enabled") )); if (!ipsec_enabled()) { /* try to stop charon */ diff --git a/src/usr/local/www/vpn_ipsec_settings.php b/src/usr/local/www/vpn_ipsec_settings.php index 1cfda86..63450d9 100644 --- a/src/usr/local/www/vpn_ipsec_settings.php +++ b/src/usr/local/www/vpn_ipsec_settings.php @@ -38,7 +38,6 @@ $pconfig['unityplugin'] = isset($config['ipsec']['unityplugin']); $pconfig['strictcrlpolicy'] = isset($config['ipsec']['strictcrlpolicy']); $pconfig['makebeforebreak'] = isset($config['ipsec']['makebeforebreak']); $pconfig['noshuntlaninterfaces'] = isset($config['ipsec']['noshuntlaninterfaces']); -$pconfig['async_crypto'] = isset($config['ipsec']['async_crypto']); $pconfig['compression'] = isset($config['ipsec']['compression']); $pconfig['enableinterfacesuse'] = isset($config['ipsec']['enableinterfacesuse']); $pconfig['acceptunencryptedmainmode'] = isset($config['ipsec']['acceptunencryptedmainmode']); @@ -138,9 +137,9 @@ if ($_POST['save']) { } if ($_POST['async_crypto'] == "yes") { - $config['ipsec']['async_crypto'] = true; - } elseif (isset($config['ipsec']['async_crypto'])) { - unset($config['ipsec']['async_crypto']); + $config['ipsec']['async_crypto'] = "enabled"; + } else { + $config['ipsec']['async_crypto'] = "disabled"; } if ($_POST['acceptunencryptedmainmode'] == "yes") { @@ -191,6 +190,12 @@ if ($_POST['save']) { } } +if (isset($config['ipsec']['async_crypto'])) { + $pconfig['async_crypto'] = $config['ipsec']['async_crypto']; +} else { + $pconfig['async_crypto'] = "disabled"; +} + $pgtitle = array(gettext("VPN"), gettext("IPsec"), gettext("Advanced Settings")); $pglinks = array("", "vpn_ipsec.php", "@self"); $shortcut_section = "ipsec"; @@ -351,7 +356,7 @@ $section->addInput(new Form_Checkbox( 'async_crypto', 'Asynchronous Cryptography', 'Use asynchronous mode to parallelize multiple cryptography jobs', - $pconfig['async_crypto'] + ($pconfig['async_crypto'] == "enabled") ))->setHelp('Allow crypto(9) jobs to be dispatched multi-threaded to increase performance. ' . 'Jobs are handled in the order they are received so that packets will be reinjected in the correct order.'); |